Massive Bug Discovered in Almost Every Version of Internet Explorer
Internet Explorer is infamous for being allegedly slower than every other browser, at least according to the memesphere. But, even after a huge deal of PR and relabeling, this big name browser has been struck with more misfortune.
Apparently, this bug is built in to as early as version 6 of Explorer, and all the way through the most recent version, 11. Fire Eye, a cybersecurity software company that discovered the flaw, over the weekend, says that this flaw has already allowed major U.S. companies to be attacked by hackers through the browser.
Effect of the Bug
Microsoft released a Security Advisory on Saturday, explaining how the bug is violating systems:
“The vulnerability exists in the way that Internet Explorer accesses an object in memory that has been deleted or has not been properly allocated. The vulnerability may corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user within Internet Explorer. An attacker could host a specially crafted website that is designed to exploit this vulnerability through Internet Explorer and then convince a user to view the website.”
Fire Eye has explained that this is a “zero-day” threat, a bug that has been exploited long before Microsoft was ever aware that security had been breached. According to Forbes magazine, hacker groups have been employed in an operation known as “Clandestine Fox,” which targets United States military and financial organizations.
Effect on the Web
TechMarketShare research says that these six versions of Internet Explorer account for more than 50% of PC browsers. What is more, Fire Eye says that these browsers account for more than 25% of all internet users. The United States Department of Homeland Security has advised all internet browsers to steer clear of Internet Explorer until Microsoft fixes the bug and restores security. The US-CERT, United States Computer Emergency Readiness Team, advises that anyone who believes they may have been affected should employ Microsoft EMET, Enhanced Mitigate Experience Toolkit, to combat system flaws. US-CERT also recommends that other browsers be employed until the flaws have been repaired.